There are a lot of things that are connected to the Internet nowadays. You can connect your TV, your car, your refrigerator and just about anything else that can power on it seems. That includes anything like your toothbrush to your home lighting system. This is great, it is so convenient being able to control your landscape lighting with a touch of your finger on your smartphone but it also presents a security risk that you should not overlook. Have you secured your lighting system?
If you haven’t, this could be a great opportunity to make this one of your New Year’s resolutions and it is easier to meet that resolution than you might think!
The Internet of Things And Default Passwords
Since it seems like nearly everything that is made today can be connected to the Internet those devices need to be easy to set up. You may be an IT pro and this could be second nature to you but not everyone is like this. There are many people out there that need their children or grandchildren just to setup and work a computer.
What makes these devices easy to setup is that they all have a default username and/or password assigned to them or no password at all. It is assumed that during setup the user will want to create their own, more customized, security credentials but you know what happens when you assume. Most people, once setup is complete, are happy and do not want to mess the system up by changing anything.
Now some devices do require the user to setup more secure login credentials and that may be the direction that tech is taking. That is a good thing but it does little to help with the devices that are already installed in people’s homes.
Default Passwords Are Not Safe
If you continue to use a default username and password with the Internet of Things you are vulnerable. Why? Because it is very easy to find out what that default username and password is. It is all on the Internet. This goes for not only your smart lighting system but anything else connected to the Internet of Things like your security cameras.
It’s downright scary what someone can do. It can get worse too, a thief could hack into your system to turn the lights on as they rob you and then hack into your security camera and delete the footage of their deed. Or they could use it to spy on you. It is even possible to steal your wifi password and if they get that they can access any information that is sent and received on your computer like your credit card or bank information.
Hacked At Home Or From Across The Globe
When you think of a hacker you probably think of someone in a cramped apartment surrounded by computers in Russia. That is true in some cases but they can also be right in your neighborhood too. That can be someone sitting in a car with a laptop or even using a drone. In 2016 a drone was used to hack (by a team of security researchers) a room full of smart light bulbs. It can be done.
Anything connected to the Internet is vulnerable and devices like smart light bulbs can also have security weaknesses just the same as your computer does. Your computer gets more attention by notifying you when an update is ready but a cyber criminal is going to look for the path of least resistance and that could be your smart lighting system.
A Global Problem
This is not just a problem in the United States, it is a global problem. Experts have been sounding the alarm for years but these warnings have seemed to have fallen on deaf ears. It is so bad that in Japan, in an effort to beef up cyber security in advance of the 2020 Olympic Games the government has authorized a mass hack of its citizens using Internet of Things devices in an effort to raise awareness and test security. Controversial yes, but sometimes you have to shame people to get them to change.
What Can You Do?
At Resort Lighting we do not want to see anything bad happen to our customers so setting up more secure usernames or passwords is one of the things that we stress. We can help you set up your system more securely and we certainly recommend that you do so. The most obvious thing that you can do is to not use a default username and password. Set your own custom credentials. It will keep you more secure. If a cyber criminal cannot guess the login information quickly, they will probably move on.
Now of course the more secure the password, the harder it will be to remember it. That is not unusual, in fact that is the way it is meant to be. A good password should not be able to be guessed. It should be a mix of numbers, upper and lower case letters and symbols. A good, secure 16 character password can take more than a lifetime to guess. You aren’t going to remember it so don’t forget to write it down.
Two-Factor Authentication
At the same time new security features like Two-Factor Authentication has been growing in popularity in 2019. This adds an extra layer of security to your login by having you complete a second layer of security like having to answer a secret question that hopefully only you know. Two-Factor Authentication may not be available with all systems or it may not be enabled by default so you may need to know that it is there. Ask us about that when we come to set up your landscape lighting system.
This is going to become the new avenue of attack for cyber criminals as it is expected that over 20 billion Internet of Things devices will be connected to the Internet by 2020. You lock your home, you lock your safe, you lock your car. Don’t forget to lock your devices. Take your cyber security seriously and secure your devices!
